The present invention relates to the management of applications on an appliance. More specifically the invention relates to controlling the use of applications on appliances such as mobile devices according to permissions set on an external server system. The appliance, in some embodiments, may be subservient to the server.
The rapid growth in the availability and deployment of mobile appliances has facilitated remote working. From ultra-portable laptop computers to smart-phones, there is a need for portability of the conventional workplace for office workers and workers who must travel. Currently, there are two ways that a mobile appliance may be enabled for remote working. In the first case, applications are run remotely and the user enjoys the use of the application through a connected session. This usually involves a browser, or some application-specific equivalent, that offers the user the same user interaction and experience, within the limitations of the device, as are normally achieved when connected in an office environment at a desktop computer. A session based solution suffers from the inconvenience and technical challenge that a connection must be secured and the appliance remains connected throughout the session. In a truly mobile environment, the data connection is often difficult because of network limitations and uncertain signal quality.
The second way a mobile appliance may be enabled for remote working is for the application in use to be physically resident and enabled on the appliance (i.e., stored locally on the appliance). This solution has a strong advantage in that it permits a user to work with the application locally without the need for a sustained connection. To implement this second solution requires that the applications be downloaded to the appliance and then enabled. Applications for mobile devices may already be stored and retrieved from application repositories and delivered to mobile appliances using a wireless network. Such examples can be found with Apple's AppStore for the iPhone and the RIM Blackberry family of products.
There are significant drawbacks to locally stored applications on an appliance. For example, it has a serious disadvantage in that stored local information is not secure, and corporate intellectual property, or other sensitive information, may be compromised by its exposure. Access to sensitive information is not easily controlled, and the risks of theft damaging a company are very high.
Hence there is a need for a system to manage applications on an appliance without requiring constant connectivity, and further without compromising security of the application and/or confidential information. Such a system may manage applications by individually approving them for execution, functionally augmenting them by adding validity checking and user confirmation, and monitoring them for permitted networks and connection targets. In some embodiments, applications may be restricted from access to locally stored persistent data or the data may itself be removed.
In view of the foregoing, systems and methods for managing applications on an appliance are disclosed. The present invention provides a novel system for securely regulating information exchange on an appliance, without requiring a constant connection between the appliance and an external server.